Re: Why are paper LOAs still used?

[Peter Potvin via NANOG <nanog () nanog org>]

I can’t speak for all providers but when it comes to some downstream
networks we will usually request an LOA as additional proof that the
customer is authorized to announce the prefixes, in addition to the IRR
objects and (where possible) RPKI ROAs. Mainly only a thing where RPKI is
not possible and the only route object available is in a non-auth database
such as RADB. Overall it helps keep a paper trail (as Tom said) in case
someone comes knocking.

Kind regards,
Peter


On Mon, Feb 26, 2024 at 14:13 Tom Beecher <beecher () beecher cc> wrote:

> Perhaps the provider only had a single person maintaining the tooling they
> used to interact with the IRR records, that person left/was laid off, and
> it broke. Perhaps they don't have anyone else that can make it work again,
> and they don't want to hire someone else, so they fell back to paper.
>
> Perhaps they have a legal reason to require a paper trail and not rely on
> IRR records.
>
> Plenty of possibilities, all plausible.
>
> On Mon, Feb 26, 2024 at 1:58 PM Seth Mattinen via NANOG <nanog () nanog org>
> wrote:
>
> > Why do companies still insist on, or deploy new systems that rely on
> > paper LOA for IP and ASN resources? How can this be considered more
> > trustworthy than RIR based IRR records?
> >
> > And I'm not even talking about old companies, I have a situation right
> > now where a VPS provider I'm using will no longer use IRR and only
> > accepts new paper LOAs. In the year 2024. I don't understand how anyone
> > can go backwards like that.
> >
> > ~Seth